scottk/control-pane
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/control-pane.git synced 2025-10-31 18:07:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

* Simplify vnc.php

Browse Source
This commit is contained in:
Momchil Bozhinov
2022-08-02 15:39:02 +03:00
parent 3dcb57cf1d
commit 32982ab2a8
2 changed files with 164 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

147
php/validate.php Normal file
View File

@@ -0,0 +1,147 @@
<?php
class Validate {
private $f;
function __construct(array $pool)
{
$this->f = $pool;
}
public static function short_string($string, $exact_len = 0)
{
if (filter_var($string, FILTER_SANITIZE_STRING) != $string){
throw new Exception($string." string did not pass the validation");
}
$len = strlen($string);
if ($exact_len > 0){
if ($len != $exact_len) {
throw new Exception($string." string did not pass the lenght validation");
}
} else {
if ($len < 1 || $len > 34){
throw new Exception($string." string did not pass the lenght validation");
}
}
}
public static function url($url)
{
if (filter_var($url, FILTER_SANITIZE_URL) != $url){
throw new Exception($string." string did not pass the validation");
}
}
public static function long_string($string)
{
if (filter_var($string, FILTER_SANITIZE_STRING) != $string){
throw new Exception($string." string did not pass the validation");
}
$len = strlen($string);
if ($len < 1 || $len > 150){
throw new Exception($string." string did not pass the lenght validation");
}
}
public function exists($key)
{
return isset($this->f[$key]);
}
public function add_default($key, $val)
{
// NOTE this appends to f and it will stay there
if (!isset($this->f[$key])){
$this->f[$key] = $val;
}
}
public function all()
{
foreach($this->f as $f){
if (filter_var($f, FILTER_SANITIZE_STRING) != $f){
throw new Exception($f." string did not pass the validation");
}
}
return $this->f;
}
public function these(array $list)
{
if (empty($this->f)) {
throw new Exception("Validation data pool is empty");
}
foreach($list as $e => $type){
if (!isset($this->f[$e])){
throw new Exception($e.' is not set in form');
}
}
$r = [];
foreach($list as $e => $type){
switch($type){
case 1: # INT
$r[$e] = (int)$this->f[$e];
break;
case 2: # INT 0 not accepted
$r[$e] = (int)$this->f[$e];
if($r[$e] == 0){
throw new Exception($e." can't be 0");
}
break;
case 3: # SHORT STRING
if (filter_var($e, FILTER_SANITIZE_STRING) != $e){
throw new Exception($e." string did not pass the validation");
}
$len = strlen($this->f[$e]);
if ($len < 1 || $len > 34){
throw new Exception($e." string did not pass the lenght validation");
}
$r[$e] = $this->f[$e];
break;
case 4: # LONG STRING
if (filter_var($e, FILTER_SANITIZE_STRING) != $e){
throw new Exception($e." string did not pass the validation");
}
$len = strlen($this->f[$e]);
if ($len < 1 || $len > 150){
throw new Exception($e." string did not pass the lenght validation");
}
$r[$e] = $this->f[$e];
break;
case 5: # STRING WITH SPECIAL CHARS
if (filter_var($e, FILTER_SANITIZE_SPECIAL_CHARS) != $e){
throw new Exception($e." string did not pass the validation");
}
$len = strlen($this->f[$e]);
if ($len < 1 || $len > 20){
throw new Exception($e." string did not pass the lenght validation");
}
$r[$e] = $this->f[$e];
break;
case 6: # IP v4
if (filter_var($e, FILTER_FLAG_IPV4) != $e){
throw new Exception($e." string did not pass the validation");
}
$r[$e] = $this->f[$e];
break;
}
switch($e){
case 'password':
if ($len < 6){
throw new Exception("Minimal password lenght is 6");
}
break;
}
}
return $r;
}
}

40
public/vnc.php
View File

@@ -9,44 +9,27 @@ function runVNC($jname)
{ {
$res = (new Db('base','local'))->selectOne("SELECT vnc_password FROM bhyve WHERE jname=?", array([$jname])); $res = (new Db('base','local'))->selectOne("SELECT vnc_password FROM bhyve WHERE jname=?", array([$jname]));
$pass='cbsd'; $pass = ($res !== false) ? $res['vnc_password'] : 'cbsd';
if($res!==false) $pass=$res['vnc_password'];
$remote_ip=$_SERVER['REMOTE_ADDR']; CBSD::run("vm_vncwss jname=%s permit=%s", array($jname, $_SERVER['REMOTE_ADDR']));
CBSD::run("vm_vncwss jname=%s permit=%s", array($jname,$remote_ip));
// HTTP_HOST is preferred for href // HTTP_HOST is preferred for href
if (isset($_SERVER['HTTP_HOST']) && !empty(trim($_SERVER['HTTP_HOST']))){ if (isset($_SERVER['HTTP_HOST']) && !empty(trim($_SERVER['HTTP_HOST']))){
$nodeip = $_SERVER['HTTP_HOST']; $nodeip = $_SERVER['HTTP_HOST'];
}
if (filter_var($nodeip, FILTER_VALIDATE_IP)) {
$is_ip4=true;
} else { } else {
$is_ip4=false; # use localhost as fallback in case the HTTP_HOST header is not set
} $nodeip = '127.0.0.1';
if ($is_ip4 == false) {
if (filter_var($nodeip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
$is_ip6=true;
} else {
$is_ip6=false;
}
} }
// HTTP_HOST is IP, try to check SERVER_NAME // HTTP_HOST is IP, try to check SERVER_NAME
if (($is_ip4==true)||($is_ip6==true)) { if (filter_var($nodeip, FILTER_VALIDATE_IP)) {
if(isset($_SERVER['SERVER_NAME']) && !empty(trim($_SERVER['SERVER_NAME']))){
$nodeip=$_SERVER['SERVER_NAME'];
} else {
$nodeip = $_SERVER['SERVER_ADDR']; $nodeip = $_SERVER['SERVER_ADDR'];
} // https://www.php.net/manual/en/reserved.variables.server.php
} // Note: Under Apache 2, you must set UseCanonicalName = On and ServerName.
// handle when 'server_name _;' - use IP instead // handle when 'server_name _;' - use IP instead
if (strcmp($nodeip, "_") == 0) { if(isset($_SERVER['SERVER_NAME']) && !empty(trim($_SERVER['SERVER_NAME'])) && (strcmp($_SERVER['SERVER_NAME'], "_") != 0)){
$nodeip=$_SERVER['SERVER_ADDR']; $nodeip = $_SERVER['SERVER_NAME'];
}
} }
# TODO: This will send the pass in clear text # TODO: This will send the pass in clear text
@@ -57,5 +40,6 @@ function runVNC($jname)
$rp = realpath('../'); $rp = realpath('../');
require_once($rp.'/php/db.php'); require_once($rp.'/php/db.php');
require_once($rp.'/php/cbsd.php'); require_once($rp.'/php/cbsd.php');
require_once($rp.'/php/validate.php');
runVNC($_GET['jname']); runVNC(Validate::short_string($_GET['jname'], 32));